Unlike most resource allocation decisions within the enterprise, decisions involving security projects are often influenced by external events, namely data breaches encountered by other organizations in one’s own sector or industry.

Like this:

This episode of the “CISO’s Guide to Obtaining Budget” podcast series details how a CISO should build his or her reputation over time and absent of any major demands. Key recommendations include setting up a regular cadence of meetings with relevant executives to discuss business issues and managing security training exercises to demonstrate your expertise and understanding of business risks.

Like this:

The typical CISO likely differs in significant ways from other business executives, perhaps in education, experience and also primary job responsibilities. So how do security leaders learn to speak the same language as their C-suite colleagues?

Like this:

This episode of the “CISO’s Guide to Obtaining Budget” podcast series offers advice for CISOs and security leaders looking to bridge the gap and communicate more effectively and meaningfully with other executives. Listen now to learn how successful security leaders translate abstract technical issues into straightforward risks that any executive can understand and take action on.

Like this:

This first episode of the “CISO’s Guide to Obtaining Budget” podcast series focuses on how organizations make decisions involving cybersecurity spending in a world where resource constraints are a near constant.

Like this:

On Dec. 31, we’ll close the books on a year that will go down in history — not due to world events, scientific discoveries or pop culture happenings, but because of the record numbers of personally identifiable information (PII) exposed through major data breaches and cybersecurity events that happened throughout the year.

Like this:

Ponemon Institute Study: Most Organizations ‘Don’t Know What They Do Know’ When Assessing Application Security Risk

It’s becoming virtually impossible to escape mobile apps. As a consumer, every time you go shopping, attend a major event, post content to social media or listen to the radio, you’re encouraged to download new, customized applications from content providers. Similarly, customer demand for new or updated functionality has shortened software release cycles and led to an explosion of software-based games, fitness applications and quickly evolving versions of popular social media content.

Like this:

Last year, the Mirai botnet wreaked havoc, using compromised Internet of Things (IoT) devices to take down large internet providers in North America and Europe with a distributed denial-of-service (DDoS) attack. While Mirai has largely faded from view, Bleeping Computer reported that a new threat named IoT_Reaper is exploiting specific IoT security flaws and has already infected more than 2 million devices worldwide.

Like this:

Board directors are under a lot of pressure. They know that it’s only a matter of time before their organization suffers a cyber incident, and all eyes will naturally be on the directors themselves to see if they were properly exercising their risk oversight.